Skip to content

Files

Latest commit

2ef887e · May 23, 2017

History

History
This branch is 618 commits behind usnistgov/800-63-3:nist-pages.

sp800-63c

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
Mar 2, 2017
Nov 21, 2016
May 16, 2017
Oct 9, 2016
May 23, 2017
May 16, 2017
May 18, 2017
May 16, 2017
May 16, 2017
May 18, 2017
May 18, 2017
May 18, 2017
May 18, 2017
May 16, 2017
May 16, 2017

SP 800-63C

This is a working draft of NIST Special Publication 800-63C, Assertions and Federation. This document is a sub-document referenced by SP 800-63-3 covering the associated topics that had been previously in SP 800-63-2.

SP 800-63C provides guidance on the use of assertions to convey the results of authentication processes to a relying party. Assertions are used in federated identity systems where the authentication is performed a verifier (sometimes called an Identity Provider) and used by a different party, sometimes called a Relying Party. Federation permits a centrally-managed set of credentials to be used at a number if different relying parties.

Keys and other secrets used to maintain state (stored in cookies, local storage, etc.) have been sometimes characterized as local assertions, but have very different requirements and characteristics than assertions conveyed between different parties. Accordingly, such "local assertions" are treated as reauthentication secrets and covered in SP 800-63B.

This document is broken up into sections as follows:

Front matter

1. Purpose and 2. Introduction

3. Definitions and Abbreviations

4. Federation

5. Assertions

6. Assertion Presentation

7. Federation Assurance Level

8. Security

9. Privacy

10. Usability

11. Assertion Examples

12. References